Tugger the SLUGger!SLUG Mailing List Archives

[SLUG] non-root users cant use network


Hi everyone,

I'm fairly new to the list.

I've got what I would consider an interesting issue with a little
netbook I've been playing around with.

basically regular users cannot make any outbound network connections.

for example:

cpbarnes@netbook:~$ ping 127.0.0.1
socket: Permission denied


and

cpbarnes@netbook:~$ wget http://127.0.0.1/
Connecting to 127.0.0.1:80... failed: Permission denied.


doing the same as root works.



Interestingly when i do:

root@netbook:~# /sbin/ifconfig

i can see the loopback interface AND its ip address 127.0.0.1


however as a regular user i get:

"warning: no inet socket available: no such file or directory"

i can see the loopback interface but there is no ip address.


heres a little background.
The netbook features an ARM processor, 128meg RAM, and the main
storage is a USB thumb drive wired straight on to the mainboard.
It came pre-loaded with Windows CE 6 however, as stunning and feature
rich as it was, i got my hands on the vendors linux install for the
netbook and installed that.

The vendors Linux install is Debian based, ive got 2 varients, Debian
5 and Debian 6. Both present the same problem. I've tried updating the
installed packages but the problem persists.

The Linux kernel supplied appears to be a customised 2.6 and pretty
much all the modules are compiled in.



ive done a stack of searching on the interwebs. a lot of people talk
about needing to setuid on the ping bin, but this is already done

root@netbook:~# ls -l /bin/ping
-rwsr-xr-x 1 root root 34984 oct 14 2010 /bin/ping


and besides, its not just ping that isnt working.



i get this problem with the loopback interface, with the ethernet
interface, and with the wireless interface.


/sbin/route shows no entries, not even locally connected networks but
even after adding one problem persists.

e.g.
route add -net 127.0.0.0/8 lo


some people have also suggested ip tables could be the problem but as
far as I can tell no rules are installed. it doesnt even look like
iptables support is compiled into the kernel

root@netbook:~# /sbin/iptables -L
iptables v1.4.8: can't initialize iptables table `filter`: iptables
who? (do you need insmod?)
Perhaps iptables or your kernel needs to be upgraded.


I've never seen a problem like this. Does anyone have any ideas or
suggestions on what to look for or what to try next?

Thanks or your time.

--

Kind Regards,

Christopher Barnes

e. chris.p.barnes@xxxxxxxxx